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-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH (S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)[E1 Responsive to communication(s) filed on 16 May 2005 . 
2a)[E) This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) K Claim(s) 1-22 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) (E] Claim(s) 1-22 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

1 2) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 

a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1. 



This action is responsive to communication: amendment filed 16 May 2005, with an 



original filing date of 3 March 2000 and acknowledgement of continuing filing date of 



5 March 1999. 



2. 



Claims 1-22 are currently pending in this application. Claims 1, 11,21, and 22 are 



independent claims. Amendment to the drawings are accepted. 



Response to Arguments 



Applicant's arguments with respect to claims 1-22 have been considered but are not 



persuasive. 



In response to applicant's argument on page 5, "Win does not disclose sending a token to 
a remote server that contain authentication information responsive to a first authentication and 
information regarding an account for the user including at least one of a new account for the user 
and an update to an existing account for the user . . . However, updating the profile information 
of Win is only achieved when the user updates profile or local information within the Profile 
Management Service . . . Therefore updated information is not included with the cookies since 
updating occurs at the Access Server". The Office does not agree, Win teaches sending the 
cookies with the updated information to remote servers see col. 7, line 58-67. The user profile 
information is read from a Registry Server, encrypted into cookies and sent to remote resources. 
When the information concerning user configuration or roles is modified or updated the 
applications are notified and read from the Registry Server. In addition col. 8, lines 46 through 
col. 9 line 40 show the "roles cookies". In Win the user information is termed "role" and it is the 
"role cookie" which is sent to remote resources. 
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In response to applicant's argument on page 5, "Moreover, Anderson does not cure the 
infirmities of Win in that Anderson does not teach or suggest sending a token to a remote server 
that contain authentication information". The Office does not agree, Win teaches that new 
account information can be sent to a remote resource (or server) with the 'role cookie' which can 
be updated by either the Administrator or a user. Anderson was added to the rejection because 
Win does not teach setting a flag indicating that the account is a new user account. However 
Win in view of Anderson show this limitation see col. 7, line 52 through col. 8, line 23. 



Claim Rejections -35 USC §102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language 

5. Claims 1-4, 7-14, 17-22 are rejected under 35 U.S.C. 102(e) as being anticipated by Win 
et al. U.S. Patent No. 6,453,353 (hereinafter '353). 

As to independent claim 1, "A method of performing multiple user authentications 
with a single sign-on, comprising: performing a first user authentication; selecting a remote 
server subsequent to said first authentication" is taught in '353 col. 5, line 65 through col. 6, 
line 16; 

"sending a token to said remote server containing authentication information 
responsive to said first authentication, wherein the token also contains information 
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regarding an account for the user including, at least one of a new account for the user and 
an update to an existing account for the user; and decoding said authentication 
information, wherein said decoding said authentication information induces a second user 
authentication" is shown in '353 col. 6, lines 58-65. 

As to dependent claim 2, "wherein said sending includes sending said token within a 
universal resource locator" is disclosed in '353 col. 6, lines 58-65. 

As to dependent claim 3, "wherein said token includes a timestamp" is taught in '353 
col. 6, lines 47-53. 

As to dependent claim 4, "wherein said token is encrypted" is shown in '353 col. 6, 
lines 58-65. 

As to dependent claim 7, "wherein the information regarding an account for the 
user in said token includes user profile update information" is taught in '353 col. 11, 
lines 21-32. 

As to dependent claim 8, "wherein said remote server updates a user profile in 
response to said user profile update information" taught in '353 col. 11, lines 21-32 

As to dependent claim 9, "wherein said first user authentication occurs within an 
Intranet" is shown in '353 col. 4, lines 50-67. 

As to dependent claim 10, "wherein said second user authentication occurs within 
said remote server" is disclosed in '353 col. 21, lines 8-28 and col. 17, lines 27-37 

As to independent claim 11, this claim is directed to a system implementing the method 
of claim 1 and it is rejected along similar rationale. 
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As to dependent claims 12-14 and 17-20, these claims contain substantially similar 
subject matter as claims 2-4 and 7-10; therefore they are rejected along similar rationale 

As to independent claim 21, this claims is directed to a system implementing the 
method of claim 1 and is rejected along similar rationale. 

As to independent claim 22, this claim is directed to a machine-readable medium of the 
method of claim 1 and is rejected along similar rationale. 

Claim Rejections -35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 5, 6, 15 and 16, are rejected under 35 U.S.C. 103(a) as being unpatentable over 
'353 in further view of Anderson et al. U.S. Patent No. 6,144,959 (hereinafter '959). 

As to dependent claim 5, the following is not taught in '353 "wherein the information 
regarding an account for the user in said token includes a new user flag" however c 959 
teaches "The Win32 API includes a number of functions for performing operations 
with credential information. The Win32 API includes the NetUserAdd function 
used to create a new user on a local Windows NT workstation. The NetUserAdd 
function accepts a number of parameters. A first parameter specifies in which 
domain a user account is created. When the value of the parameter supplied by 
a program is null, the NetUserAdd function creates a user on the local 
workstation within the local access database 203. Another parameter includes a 
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number of sub-parameters such as username and password, wherein the username is 

the name of a new user to be created and the password is a password to be assigned to the new 

user" in col. 7, line 62 through col. 8, line 23. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify a method of performing multiple user authentication taught in £ 752 to include a 
means where the system creates new user accounts. One of ordinary skill in the art would have 
been motivated to perform such a modification to permit an administrator to manage user 
accounts see '959 col. 4, lines 20 et seq. "The invention includes a system for authenticating a 
user to multiple systems. In addition, the system authenticates to a client workstation in a 
manner transparent to the user, and generates a user account on the client workstation if the user 
account does not exist. Further, the system provides a workstation object to a directory services 
database, permitting a network administrator to efficiently manage client workstation accounts". 

As to dependent claim 6, "wherein said remote server creates a new user account in 
response to said new user flag" is shown in '959 col. 7, line 62 through col. 8, line 23. 

As to dependent claims 15 and 16, these claims contain substantially subject matter as 
claims 5 and 6; therefore they are rejected along similar rationale. 

Conclusion 

TBIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time policy as 
set forth in 37 CFR 1. 136(a). A shortened statutory period for reply to this final action is set to 
expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed 
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within TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened 
statutory period will expire on the date the advisory action is mailed, and any extension fee 
pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In 
no event, however, will the statutory period for reply expire later than SIX MONTHS from the 
mailing date of this final action. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone number is 
(571) 272-3842. The examiner can normally be reached from 6:30 am to 3:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory A Morse can be reached on (571) 272-3838, The fax phone number for the 
organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Ellen. Tran 
Patent Examiner 
Technology Center 2134 
5 August 2005 




